CHIRAG ARORA
Summary
. *+ Years of IT Security and Administration experience
. Sound background in Information Assurance principles and practices
. Familiar with security standards & regulations like NIST SP, PCI-DSS,
HIPAA, COBIT, DIACAP and FISMA
. Strong problem-solving skills, adept at managing business processes
and liaison between teams and clients
. Dedicated, self-motivated, high achiever and proficient at managing
multiple tasks in a high-pressured environment
Technical Skills
Languages- C, C++, HTML, PHP, JavaScript, XML, Shell Scripting
Network Protocols- TCP/IP Suite, DNS, DHCP, ARP, RARP, RIP, IGRP, EIGRP,
OSPF, Telnet, IEEE 802.11, IPSec, SSL 3.0, SSH
Servers- MS IIS, Apache, Exchange 2003, Blackberry Enterprise Server, ISA
2004, MOM 2005, SMS 2003
Databases- SQL Server 2005, MySQL, MS Access, Oracle 8i
Directory Skills- Active Directory
Operating System- Windows XP/Vista, Windows Server NT/2000/2003, Ubuntu
Linux, Red Hat Linux, Novell, Mac OS
Security Tools- IBM AppScan, Encase, StegDetect, FTK, Snort IDS, Nmap,
Nessus, Nikto, Rootkit Revealer, Unicornscan, Wireshark, SpyBot, Ettercap,
TCPDump, SNORT
Firewalls- Cisco IOS, ASA, PIX, Checkpoint NGX, MS ISA 2004
Others- Cisco VPN, Symantec Ghost, BartPE, VMware, WSUS, MS Baseline
Security analyzer, cCleaner, GroupWise, Eudora
Work Experience
System Administrator, Johns Hopkins University, Baltimore, MD, USA
Sept 2007-Present
. Currently working on project for providing PCI-DSS compliance to the
Center for Talented Youth, Johns Hopkins University
. Actively participated in annual IT Security Audit of CTY Information
Systems
. Successfully administered and supported Windows Server 2000/2003,
Active Directory, Windows XP Desktops in a server based clustered
environment
. Performed risk assessment of CTY IT Infrastructure with senior team
members and recommended necessary controls and countermeasures in
accordance with 2003 Threats and Countermeasures guide and XP security
guide.
. Performed vulnerability assessments using Microsoft Baseline Security
Analyzer
. Maintained and supported Dell servers remotely using DRAC
. Managed and configured IT policies for Blackberry handheld devices on
the Blackberry Enterprise Server
. Built and maintained WSUS Version 3 server patch maintenance system.
Responsible for testing and confirmation of all patches and security
update releases
. Provided support for SQL Server and MS Access databases
. Ensured that antivirus protection (Symantec / McAfee) remained current
on all servers and workstations and responsible for identifying and
sanitizing infected systems
. Working with upper management to improve efficiency and maximize
security
. Provided remote support to various CTY sites and customers
. Provided ongoing training and support for end users
. Migrated over 100 desktops and laptops computers to Windows XP using
Symantec Ghost and BartPE
. Installation and troubleshooting of software and hardware devices
. Support for encrypting confidential data using Pointsec full disk
encryption, managing product requirements, remote desktop support and
other duties as required
. Successfully managed software and hardware inventory
Network Security Specialist, ABB Limited, Faridabad, HR, INDIA
June 2006-July 2007
. Engineered and supported corporate LANs, network security and firewall
. Installed networking and computer equipment and wired multiple offices
. Configured Cisco routers and switches to provide Firewall and VPN
services
. Worked on Vulnerability/Threat management and analysis
. Performed security assessment using Nessus, Nmap, MBSA etc.
. Upheld Information Security Incident Identification, Response,
Management and Recovery
. Actively participated in the Risk Analysis of IT Infrastructure at ABB
Ltd.
. Provided ongoing training and support for end users
. Supplied support for company wide Windows servers and desktops
. Responsible technical supervision and training for desktop support
workers
. When necessary worked outside regularly scheduled hours as necessary
to insure client network functionality
. Undertook Day-to-day management of all Networking and Security
technologies
Network Administrator, Bharat Sanchar Nigam Ltd., Faridabad, HR, INDIA
Feb 2005-April 2006
. Performed network management using Dot soft proprietary software at
Department of Telecommunication, BSNL under government of India
. Successfully provided technical support to end users
. Assisted in network troubleshooting, incident handling and Disaster
Recovery
. Provided assistance to senior team members for configuring
multifunctional Linux based appliances that provided Firewall,
Intrusion Prevention, Mail & Web Filter, Anti-virus protection, & VPN
services
. Configured and supported MS Windows Server 2003, Active directory and
Group Policy Management, MS Exchange Server 2003
. Installed, configured, and managed Exchange, SQL Server, IIS, DNS,
DHCP, backup, file & print, & various third-party application servers
. Performed server upgrades and new server builds and network
integration of same. Upgrades included 2000 and 2005 SQL database
moves and integration to new equipment.
. Supported over 300 customers and provided computer-related training
such as networking fundamentals, driver installation, windows, virus
prevention and other security related techniques
. Designed and maintained lab environment where system test plans were
created and system testing was performed when necessary
. Customer satisfaction along with the development and nurturing of
customer relationships
System Administrator, Mayfair Housing (Pvt.) Ltd., Mumbai, INDIA
Jan 2003-Dec 2004
. Installed, configured, and maintained the LAN servers and
workstations to include Exchange, ISA, DNS, and File
& Print servers
. Provided Help Desk support with an emphasis on troubleshooting
network and software related issues in several
mixed 98/NT/2000/XP environments
. Interfaced with Senior Management and various department heads with
regards to Networking and Security strategies and planning
. Performed System administration of Exchange 5.5/2000 email
accounts
. Provided training to end users to increase system awareness
. Helped in managing software and hardware inventory
. Troubleshooting and administration of Windows 2K, and NT machines
. Diagnosed installations issues using WINS, TCP/IP and DNS
. Configured and installed hardware and software on desktop and laptop
pc's
. On call 24 X 7 person for the IT manager
Projects (Academics)
. Initialization Vector Generation- The scope of this project involved
creating a strong and secure IV for various stream and Block ciphers.
March 2007-April 2007
. Data Center Design- A project on design and development of a data
center for a struggling government department. It involved planning
under specific budgeting and resources with emphasis on disaster
recovery, business continuity and continuity of operations in case of
an emergency.
Jan 2006-April 2006
. Dead box Analysis- Performed Dead box Analysis of seized suspect
Windows XP hard drive and web server image using Encase, FTK and
various other tools like Office password recovery, Cain and Abel, MD5
checksum tool, StegDetect 0.4, Pcap logs, Wireshark etc.
Oct 2005-Dec 2005
. Random Number Generation- The scope of this project was to generate a
512-bit random number and than expanding the same using pseudo- random
number generator. The strength of the randomness was ensured by
testing with NIST statistical tests.
Nov 2004-
Dec 2004
. Ether Packet Sniffer- Designed and implemented an Ether Packet Sniffer
to keep a watch on incoming and outgoing packets. Next, we captured
and analyzed packets in the rawest form to reveal information about
the packets. In the third phase, we compared our developed product
with the available products in the market.
Aug 2003-Apr
2004
. Authentication Strategies- Project on providing authentication
strategy to my college network infrastructure. Certain features
incorporated in my project were User name Password Authentication,
Token Authentication, Kerberos Authentication, CHAP, Certificate.
Feb 2003 -May 2003
. College Website- Made a project 'W' on the college website. The main
features of this project were login system, discussion forum, image
gallery, and chat server and registration forms. This site included
all the information that was required by and for the existing and also
the prospective students, thus catering to complete needs of the
college.
Jan 2003-Mar 2003
Training
SANS GIAC- TCPDump, Wireshark and Snort IDS
July 2010
Qualysguard Vulnerability Assessment and Web Application Scanning
Dec 2009
CCSA, Thomson NETg, USA
Jan 2009
Cisco SNPA, Thomson NETg, USA
Jan 2008
CCNA, IICL Institute, Faridabad, HR, INDIA
Nov 2005
MCSE, IICL Institute, Faridabad, HR, INDIA
Jan 2005
Education
B Sc. (Engg.)